| version 1.63, 2016/08/27 20:43:05 |
version 1.64, 2016/08/28 19:34:15 |
|
|
| The |
The |
| .Nm crl |
.Nm crl |
| command processes CRL files in DER or PEM format. |
command processes CRL files in DER or PEM format. |
| The PEM CRL format uses the header and footer lines: |
|
| .Bd -unfilled -offset indent |
|
| -----BEGIN X509 CRL----- |
|
| -----END X509 CRL----- |
|
| .Ed |
|
| .Pp |
.Pp |
| The options are as follows: |
The options are as follows: |
| .Bl -tag -width Ds |
.Bl -tag -width Ds |
|
|
| .It Fl outform Cm der | pem |
.It Fl outform Cm der | pem |
| The output format. |
The output format. |
| .It Fl text |
.It Fl text |
| Print the CRL in text form. |
Print the CRL in plain text. |
| .El |
.El |
| .Sh CRL2PKCS7 |
.Sh CRL2PKCS7 |
| .nr nS 1 |
.nr nS 1 |
|
|
| .Ar file , |
.Ar file , |
| or standard input if not specified. |
or standard input if not specified. |
| .It Fl inform Cm der | pem |
.It Fl inform Cm der | pem |
| Specify the CRL input format. |
The input format. |
| .It Fl nocrl |
.It Fl nocrl |
| Normally, a CRL is included in the output file. |
Normally, a CRL is included in the output file. |
| With this option, no CRL is |
With this option, no CRL is |
|
|
| .Ar file , |
.Ar file , |
| or standard output if not specified. |
or standard output if not specified. |
| .It Fl outform Cm der | pem |
.It Fl outform Cm der | pem |
| Specify the PKCS#7 structure output format. |
The output format. |
| .El |
.El |
| .Sh DGST |
.Sh DGST |
| .nr nS 1 |
.nr nS 1 |
|
|
| or standard input if not specified. |
or standard input if not specified. |
| .It Fl inform Cm der | pem |
.It Fl inform Cm der | pem |
| The input format. |
The input format. |
| .Cm der |
|
| uses an ASN1 DER-encoded form compatible with the PKCS#3 DHparameter |
|
| structure. |
|
| .Cm pem |
|
| is the default: |
|
| it consists of the DER format base64-encoded with |
|
| additional header and footer lines: |
|
| .Bd -unfilled -offset indent |
|
| -----BEGIN DH PARAMETERS----- |
|
| -----END DH PARAMETERS----- |
|
| .Ed |
|
| .It Fl noout |
.It Fl noout |
| Do not output the encoded version of the parameters. |
Do not output the encoded version of the parameters. |
| .It Fl out Ar file |
.It Fl out Ar file |
|
|
| .It Fl outform Cm der | pem |
.It Fl outform Cm der | pem |
| The output format. |
The output format. |
| .It Fl text |
.It Fl text |
| Print the DH parameters in human readable form. |
Print the DH parameters in plain text. |
| .It Ar numbits |
.It Ar numbits |
| Generate a parameter set of size |
Generate a parameter set of size |
| .Ar numbits . |
.Ar numbits . |
|
|
| .Nm pkcs8 |
.Nm pkcs8 |
| command. |
command. |
| .Pp |
.Pp |
| The PEM private key format uses the header and footer lines: |
|
| .Bd -unfilled -offset indent |
|
| -----BEGIN DSA PRIVATE KEY----- |
|
| -----END DSA PRIVATE KEY----- |
|
| .Ed |
|
| .Pp |
|
| The PEM public key format uses the header and footer lines: |
|
| .Bd -unfilled -offset indent |
|
| -----BEGIN PUBLIC KEY----- |
|
| -----END PUBLIC KEY----- |
|
| .Ed |
|
| .Pp |
|
| The options are as follows: |
The options are as follows: |
| .Bl -tag -width Ds |
.Bl -tag -width Ds |
| .It Xo |
.It Xo |
|
|
| If the key is encrypted, a pass phrase will be prompted for. |
If the key is encrypted, a pass phrase will be prompted for. |
| .It Fl inform Cm der | pem |
.It Fl inform Cm der | pem |
| The input format. |
The input format. |
| .Cm der |
|
| with a private key uses an ASN1 DER-encoded form of an ASN.1 |
|
| SEQUENCE consisting of the values of version |
|
| .Pq currently zero , |
|
| P, Q, G, |
|
| and the public and private key components, respectively, as ASN.1 INTEGERs. |
|
| When used with a public key it uses a |
|
| .Em SubjectPublicKeyInfo |
|
| structure: it is an error if the key is not DSA. |
|
| .Pp |
|
| .Cm pem |
|
| is the default format: |
|
| it consists of the DER format base64-encoded with additional header and footer |
|
| lines. |
|
| In the case of a private key, PKCS#8 format is also accepted. |
|
| .It Fl modulus |
.It Fl modulus |
| Print the value of the public key component of the key. |
Print the value of the public key component of the key. |
| .It Fl noout |
.It Fl noout |
|
|
| Output a public key, not a private key. |
Output a public key, not a private key. |
| Automatically set if the input is a public key. |
Automatically set if the input is a public key. |
| .It Fl text |
.It Fl text |
| Print the public/private key components and parameters. |
Print the public/private key in plain text. |
| .El |
.El |
| .Sh DSAPARAM |
.Sh DSAPARAM |
| .nr nS 1 |
.nr nS 1 |
|
|
| .Nm dsaparam |
.Nm dsaparam |
| command is used to manipulate or generate DSA parameter files. |
command is used to manipulate or generate DSA parameter files. |
| .Pp |
.Pp |
| PEM format DSA parameters use the header and footer lines: |
|
| .Bd -unfilled -offset indent |
|
| -----BEGIN DSA PARAMETERS----- |
|
| -----END DSA PARAMETERS----- |
|
| .Ed |
|
| .Pp |
|
| The options are as follows: |
The options are as follows: |
| .Bl -tag -width Ds |
.Bl -tag -width Ds |
| .It Fl C |
.It Fl C |
|
|
| parameter is included, then this option is ignored. |
parameter is included, then this option is ignored. |
| .It Fl inform Cm der | pem |
.It Fl inform Cm der | pem |
| The input format. |
The input format. |
| .Cm der |
|
| uses an ASN1 DER-encoded form compatible with RFC 2459 |
|
| .Pq PKIX |
|
| DSS-Parms that is a SEQUENCE consisting of p, q and g, respectively. |
|
| .Cm pem |
|
| is the default format: |
|
| it consists of the DER format base64-encoded with additional header |
|
| and footer lines. |
|
| .It Fl noout |
.It Fl noout |
| Do not output the encoded version of the parameters. |
Do not output the encoded version of the parameters. |
| .It Fl out Ar file |
.It Fl out Ar file |
|
|
| .It Fl outform Cm der | pem |
.It Fl outform Cm der | pem |
| The output format. |
The output format. |
| .It Fl text |
.It Fl text |
| Print the DSA parameters in human readable form. |
Print the DSA parameters in plain text. |
| .It Ar numbits |
.It Ar numbits |
| Generate a parameter set of size |
Generate a parameter set of size |
| .Ar numbits . |
.Ar numbits . |
|
|
| .Nm pkcs8 |
.Nm pkcs8 |
| command. |
command. |
| .Pp |
.Pp |
| The PEM private key format uses the header and footer lines: |
|
| .Bd -literal -offset indent |
|
| -----BEGIN EC PRIVATE KEY----- |
|
| -----END EC PRIVATE KEY----- |
|
| .Ed |
|
| .Pp |
|
| The PEM public key format uses the header and footer lines: |
|
| .Bd -literal -offset indent |
|
| -----BEGIN PUBLIC KEY----- |
|
| -----END PUBLIC KEY----- |
|
| .Ed |
|
| .Pp |
|
| The options are as follows: |
The options are as follows: |
| .Bl -tag -width Ds |
.Bl -tag -width Ds |
| .It Fl conv_form Ar arg |
.It Fl conv_form Ar arg |
|
|
| If the key is encrypted a pass phrase will be prompted for. |
If the key is encrypted a pass phrase will be prompted for. |
| .It Fl inform Cm der | pem |
.It Fl inform Cm der | pem |
| The input format. |
The input format. |
| .Cm der |
|
| with a private key uses |
|
| an ASN.1 DER-encoded SEC1 private key. |
|
| When used with a public key it |
|
| uses the SubjectPublicKeyInfo structure as specified in RFC 3280. |
|
| .Cm pem |
|
| is the default format: |
|
| it consists of the DER format base64-encoded |
|
| with additional header and footer lines. |
|
| In the case of a private key |
|
| PKCS#8 format is also accepted. |
|
| .It Fl noout |
.It Fl noout |
| Do not output the encoded version of the key. |
Do not output the encoded version of the key. |
| .It Fl out Ar file |
.It Fl out Ar file |
|
|
| Output a public key, not a private key. |
Output a public key, not a private key. |
| Automatically set if the input is a public key. |
Automatically set if the input is a public key. |
| .It Fl text |
.It Fl text |
| Print the public/private key components and parameters. |
Print the public/private key in plain text. |
| .El |
.El |
| .Sh ECPARAM |
.Sh ECPARAM |
| .nr nS 1 |
.nr nS 1 |
|
|
| .Nm ecparam |
.Nm ecparam |
| can only create EC parameters from known (named) curves. |
can only create EC parameters from known (named) curves. |
| .Pp |
.Pp |
| PEM format EC parameters use the header and footer lines: |
|
| .Bd -literal -offset indent |
|
| -----BEGIN EC PARAMETERS----- |
|
| -----END EC PARAMETERS----- |
|
| .Ed |
|
| .Pp |
|
| The options are as follows: |
The options are as follows: |
| .Bl -tag -width Ds |
.Bl -tag -width Ds |
| .It Fl C |
.It Fl C |
|
|
| or standard input if not specified. |
or standard input if not specified. |
| .It Fl inform Cm der | pem |
.It Fl inform Cm der | pem |
| The input format. |
The input format. |
| .Cm der |
|
| uses an ASN.1 DER-encoded |
|
| form compatible with RFC 3279 EcpkParameters. |
|
| .Cm pem |
|
| is the default format: |
|
| it consists of the DER format base64-encoded with additional |
|
| header and footer lines. |
|
| .It Fl list_curves |
.It Fl list_curves |
| Print a list of all |
Print a list of all |
| currently implemented EC parameter names and exit. |
currently implemented EC parameter names and exit. |
|
|
| alternative, as specified in RFC 3279, |
alternative, as specified in RFC 3279, |
| is currently not implemented. |
is currently not implemented. |
| .It Fl text |
.It Fl text |
| Print the EC parameters in human readable form. |
Print the EC parameters in plain text. |
| .El |
.El |
| .Sh ENC |
.Sh ENC |
| .nr nS 1 |
.nr nS 1 |
|
|
| The EC curve to use. |
The EC curve to use. |
| .El |
.El |
| .It Fl text |
.It Fl text |
| Print an unencrypted text representation of private and public keys and |
Print the private/public key in plain text. |
| parameters along with the DER or PEM structure. |
|
| .El |
.El |
| .Sh GENRSA |
.Sh GENRSA |
| .nr nS 1 |
.nr nS 1 |
|
|
| The PKCS#7 routines only understand PKCS#7 v 1.5 as specified in RFC 2315. |
The PKCS#7 routines only understand PKCS#7 v 1.5 as specified in RFC 2315. |
| They cannot currently parse, for example, the new CMS as described in RFC 2630. |
They cannot currently parse, for example, the new CMS as described in RFC 2630. |
| .Pp |
.Pp |
| The PEM PKCS#7 format uses the header and footer lines: |
|
| .Bd -unfilled -offset indent |
|
| -----BEGIN PKCS7----- |
|
| -----END PKCS7----- |
|
| .Ed |
|
| .Pp |
|
| For compatibility with some CAs it will also accept: |
|
| .Bd -unfilled -offset indent |
|
| -----BEGIN CERTIFICATE----- |
|
| -----END CERTIFICATE----- |
|
| .Ed |
|
| .Pp |
|
| The options are as follows: |
The options are as follows: |
| .Bl -tag -width Ds |
.Bl -tag -width Ds |
| .It Fl in Ar file |
.It Fl in Ar file |
|
|
| or standard input if not specified. |
or standard input if not specified. |
| .It Fl inform Cm der | pem |
.It Fl inform Cm der | pem |
| The input format. |
The input format. |
| .Cm der |
|
| format is a DER-encoded PKCS#7 v1.5 structure. |
|
| .Cm pem |
|
| (the default) |
|
| is a base64-encoded version of the DER form with header and footer lines. |
|
| .It Fl noout |
.It Fl noout |
| Don't output the encoded version of the PKCS#7 structure |
Don't output the encoded version of the PKCS#7 structure |
| (or certificates if |
(or certificates if |
|
|
| If the key is encrypted, a pass phrase will be prompted for. |
If the key is encrypted, a pass phrase will be prompted for. |
| .It Fl inform Cm der | pem |
.It Fl inform Cm der | pem |
| The input format. |
The input format. |
| If a PKCS#8 format key is expected on input, |
|
| then either a |
|
| DER- or PEM-encoded version of a PKCS#8 key will be expected. |
|
| Otherwise the DER or PEM format of the traditional format private key is used. |
|
| .It Fl nocrypt |
.It Fl nocrypt |
| Generate an unencrypted PrivateKeyInfo structure. |
Generate an unencrypted PrivateKeyInfo structure. |
| This option does not encrypt private keys at all |
This option does not encrypt private keys at all |
|
|
| Output a public key, not a private key. |
Output a public key, not a private key. |
| Automatically set if the input is a public key. |
Automatically set if the input is a public key. |
| .It Fl text |
.It Fl text |
| Print out the various public or private key components in plain text |
Print the public/private key in plain text. |
| in addition to the encoded version. |
|
| .It Fl text_pub |
.It Fl text_pub |
| Print out only public key components |
Print out only public key components |
| even if a private key is being processed. |
even if a private key is being processed. |
|
|
| The output file to write to, |
The output file to write to, |
| or standard output if not specified. |
or standard output if not specified. |
| .It Fl text |
.It Fl text |
| Print the parameters in plain text, in addition to the encoded version. |
Print the parameters in plain text. |
| .El |
.El |
| .Sh PKEYUTL |
.Sh PKEYUTL |
| .nr nS 1 |
.nr nS 1 |
|
|
| are not specified. |
are not specified. |
| .It Fl inform Cm der | pem |
.It Fl inform Cm der | pem |
| The input format. |
The input format. |
| .Cm der |
|
| uses an ASN1 DER-encoded form compatible with the PKCS#10. |
|
| .Cm pem |
|
| is the default format: |
|
| it consists of the DER format base64-encoded with additional header and |
|
| footer lines. |
|
| .It Fl key Ar keyfile |
.It Fl key Ar keyfile |
| The file to read the private key from. |
The file to read the private key from. |
| It also accepts PKCS#8 format private keys for PEM format files. |
It also accepts PKCS#8 format private keys for PEM format files. |
|
|
| .Fl x509 |
.Fl x509 |
| is specified). |
is specified). |
| .It Fl text |
.It Fl text |
| Print the certificate request in text form. |
Print the certificate request in plain text. |
| .It Fl utf8 |
.It Fl utf8 |
| Interpret field values as UTF8 strings, not ASCII. |
Interpret field values as UTF8 strings, not ASCII. |
| .It Fl verbose |
.It Fl verbose |
|
|
| Any additional fields will be treated as though they were a |
Any additional fields will be treated as though they were a |
| .Cm DirectoryString . |
.Cm DirectoryString . |
| .Pp |
.Pp |
| The header and footer lines in the PEM format are normally: |
|
| .Bd -unfilled -offset indent |
|
| -----BEGIN CERTIFICATE REQUEST----- |
|
| -----END CERTIFICATE REQUEST----- |
|
| .Ed |
|
| .Pp |
|
| Some software instead needs: |
|
| .Bd -unfilled -offset indent |
|
| -----BEGIN NEW CERTIFICATE REQUEST----- |
|
| -----END NEW CERTIFICATE REQUEST----- |
|
| .Ed |
|
| .Pp |
|
| The following messages are frequently asked about: |
The following messages are frequently asked about: |
| .Bd -unfilled -offset indent |
.Bd -unfilled -offset indent |
| Using configuration from /some/path/openssl.cnf |
Using configuration from /some/path/openssl.cnf |
|
|
| See the description |
See the description |
| .Fl asn1-kludge |
.Fl asn1-kludge |
| for more information. |
for more information. |
| .\" |
|
| .\" RSA |
|
| .\" |
|
| .Sh RSA |
.Sh RSA |
| .nr nS 1 |
.nr nS 1 |
| .Nm "openssl rsa" |
.Nm "openssl rsa" |
| .Bk -words |
.Op Fl aes128 | aes192 | aes256 | des | des3 |
| .Oo |
|
| .Fl aes128 | aes192 | aes256 | |
|
| .Fl des | des3 |
|
| .Oc |
|
| .Op Fl check |
.Op Fl check |
| .Op Fl in Ar file |
.Op Fl in Ar file |
| .Op Fl inform Ar DER | NET | PEM |
.Op Fl inform Cm der | net | pem |
| .Op Fl modulus |
.Op Fl modulus |
| .Op Fl noout |
.Op Fl noout |
| .Op Fl out Ar file |
.Op Fl out Ar file |
| .Op Fl outform Ar DER | NET | PEM |
.Op Fl outform Cm der | net | pem |
| .Op Fl passin Ar arg |
.Op Fl passin Ar arg |
| .Op Fl passout Ar arg |
.Op Fl passout Ar arg |
| .Op Fl pubin |
.Op Fl pubin |
|
|
| .Op Fl sgckey |
.Op Fl sgckey |
| .Op Fl text |
.Op Fl text |
| .nr nS 0 |
.nr nS 0 |
| .Ek |
|
| .Pp |
.Pp |
| The |
The |
| .Nm rsa |
.Nm rsa |
| command processes RSA keys. |
command processes RSA keys. |
| They can be converted between various forms and their components printed out. |
They can be converted between various forms and their components printed out. |
| .Pp |
.Nm rsa |
| .Sy Note : |
uses the traditional |
| this command uses the traditional |
|
| .Nm SSLeay |
.Nm SSLeay |
| compatible format for private key encryption: |
compatible format for private key encryption: |
| newer applications should use the more secure PKCS#8 format using the |
newer applications should use the more secure PKCS#8 format using the |
|
|
| .Pp |
.Pp |
| The options are as follows: |
The options are as follows: |
| .Bl -tag -width Ds |
.Bl -tag -width Ds |
| .It Xo |
.It Fl aes128 | aes192 | aes256 | des | des3 |
| .Fl aes128 | aes192 | aes256 | |
Encrypt the private key with the AES, DES, |
| .Fl des | des3 |
|
| .Xc |
|
| These options encrypt the private key with the AES, DES, |
|
| or the triple DES ciphers, respectively, before outputting it. |
or the triple DES ciphers, respectively, before outputting it. |
| A pass phrase is prompted for. |
A pass phrase is prompted for. |
| If none of these options are specified, the key is written in plain text. |
If none of these options are specified, the key is written in plain text. |
|
|
| it can be used to add or change the pass phrase. |
it can be used to add or change the pass phrase. |
| These options can only be used with PEM format output files. |
These options can only be used with PEM format output files. |
| .It Fl check |
.It Fl check |
| This option checks the consistency of an RSA private key. |
Check the consistency of an RSA private key. |
| .It Fl in Ar file |
.It Fl in Ar file |
| This specifies the input |
The input file to read from, |
| .Ar file |
or standard input if not specified. |
| to read a key from, or standard input if this |
|
| option is not specified. |
|
| If the key is encrypted, a pass phrase will be prompted for. |
If the key is encrypted, a pass phrase will be prompted for. |
| .It Fl inform Ar DER | NET | PEM |
.It Fl inform Cm der | net | pem |
| This specifies the input format. |
The input format. |
| The |
|
| .Ar DER |
|
| argument |
|
| uses an ASN1 DER-encoded form compatible with the PKCS#1 |
|
| RSAPrivateKey or SubjectPublicKeyInfo format. |
|
| The |
|
| .Ar PEM |
|
| form is the default format: it consists of the DER format base64-encoded with |
|
| additional header and footer lines. |
|
| On input PKCS#8 format private keys are also accepted. |
|
| The |
|
| .Ar NET |
|
| form is a format described in the |
|
| .Sx RSA NOTES |
|
| section. |
|
| .It Fl noout |
.It Fl noout |
| This option prevents output of the encoded version of the key. |
Do not output the encoded version of the key. |
| .It Fl modulus |
.It Fl modulus |
| This option prints out the value of the modulus of the key. |
Print the value of the modulus of the key. |
| .It Fl out Ar file |
.It Fl out Ar file |
| This specifies the output |
The output file to write to, |
| .Ar file |
or standard output if not specified. |
| to write a key to, or standard output if this option is not specified. |
.It Fl outform Cm der | net | pem |
| If any encryption options are set, a pass phrase will be prompted for. |
The output format. |
| The output filename should |
|
| .Em not |
|
| be the same as the input filename. |
|
| .It Fl outform Ar DER | NET | PEM |
|
| This specifies the output format; the options have the same meaning as the |
|
| .Fl inform |
|
| option. |
|
| .It Fl passin Ar arg |
.It Fl passin Ar arg |
| The key password source. |
The key password source. |
| .It Fl passout Ar arg |
.It Fl passout Ar arg |
| The output file password source. |
The output file password source. |
| .It Fl pubin |
.It Fl pubin |
| By default, a private key is read from the input file; with this |
Read in a public key, |
| option a public key is read instead. |
not a private key. |
| .It Fl pubout |
.It Fl pubout |
| By default, a private key is output; |
Output a public key, |
| with this option a public key will be output instead. |
not a private key. |
| This option is automatically set if the input is a public key. |
Automatically set if the input is a public key. |
| .It Fl sgckey |
.It Fl sgckey |
| Use the modified |
Use the modified NET algorithm used with some versions of Microsoft IIS |
| .Em NET |
and SGC keys. |
| algorithm used with some versions of Microsoft IIS and SGC keys. |
|
| .It Fl text |
.It Fl text |
| Prints out the various public or private key components in |
Print the public/private key components in plain text. |
| plain text, in addition to the encoded version. |
|
| .El |
.El |
| .Sh RSA NOTES |
|
| The PEM private key format uses the header and footer lines: |
|
| .Bd -unfilled -offset indent |
|
| -----BEGIN RSA PRIVATE KEY----- |
|
| -----END RSA PRIVATE KEY----- |
|
| .Ed |
|
| .Pp |
|
| The PEM public key format uses the header and footer lines: |
|
| .Bd -unfilled -offset indent |
|
| -----BEGIN PUBLIC KEY----- |
|
| -----END PUBLIC KEY----- |
|
| .Ed |
|
| .Pp |
|
| The |
|
| .Em NET |
|
| form is a format compatible with older Netscape servers |
|
| and Microsoft IIS .key files; this uses unsalted RC4 for its encryption. |
|
| It is not very secure and so should only be used when necessary. |
|
| .Pp |
|
| Some newer version of IIS have additional data in the exported .key files. |
|
| To use these with the |
|
| .Nm rsa |
|
| utility, view the file with a binary editor |
|
| and look for the string |
|
| .Qq private-key , |
|
| then trace back to the byte sequence 0x30, 0x82 |
|
| .Pq this is an ASN1 SEQUENCE . |
|
| Copy all the data from this point onwards to another file and use that as |
|
| the input to the |
|
| .Nm rsa |
|
| utility with the |
|
| .Fl inform Ar NET |
|
| option. |
|
| If there is an error after entering the password, try the |
|
| .Fl sgckey |
|
| option. |
|
| .Sh RSA EXAMPLES |
|
| To remove the pass phrase on an RSA private key: |
|
| .Pp |
|
| .Dl $ openssl rsa -in key.pem -out keyout.pem |
|
| .Pp |
|
| To encrypt a private key using triple DES: |
|
| .Pp |
|
| .Dl $ openssl rsa -in key.pem -des3 -out keyout.pem |
|
| .Pp |
|
| To convert a private key from PEM to DER format: |
|
| .Pp |
|
| .Dl $ openssl rsa -in key.pem -outform DER -out keyout.der |
|
| .Pp |
|
| To print out the components of a private key to standard output: |
|
| .Pp |
|
| .Dl $ openssl rsa -in key.pem -text -noout |
|
| .Pp |
|
| To just output the public part of a private key: |
|
| .Pp |
|
| .Dl $ openssl rsa -in key.pem -pubout -out pubkey.pem |
|
| .Sh RSA BUGS |
|
| The command line password arguments don't currently work with |
|
| .Em NET |
|
| format. |
|
| .Pp |
|
| There should be an option that automatically handles .key files, |
|
| without having to manually edit them. |
|
| .\" |
.\" |
| .\" RSAUTL |
.\" RSAUTL |
| .\" |
.\" |
|
|
| Read the password from standard input. |
Read the password from standard input. |
| .El |
.El |
| .Pp |
.Pp |
| File formats, |
Input/output formats, |
| typically specified using |
typically specified using |
| .Fl inform |
.Fl inform |
| and |
and |
| .Fl outform , |
.Fl outform , |
| indicate the type of file being read from |
indicate the format being read from or written to. |
| or the file format to write. |
|
| The argument is case insensitive. |
The argument is case insensitive. |
| .Pp |
.Pp |
| .Bl -tag -width Ds -offset indent -compact |
.Bl -tag -width Ds -offset indent -compact |
| .It Cm der |
.It Cm der |
| Distinguished Encoding Rules (DER) |
Distinguished Encoding Rules (DER) |
| is a binary format. |
is a binary format. |
| |
.It Cm net |
| |
Insecure legacy format. |
| .It Cm pem |
.It Cm pem |
| Privacy Enhanced Mail (PEM) |
Privacy Enhanced Mail (PEM) |
| is base64-encoded. |
is base64-encoded. |
![[BACK]](/icons/back.gif){kind=icon}
Return to openssl.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / openssl